Vulnerability Details CVE-2006-0924
Cross-site scripting (XSS) vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script or HTML via the Calendar Text field when a new event is added. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/19001
- http://www.osvdb.org/23472
- http://www.securityfocus.com/bid/16845
- http://www.vupen.com/english/advisories/2006/0727
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24919
- http://secunia.com/advisories/19001
- http://www.osvdb.org/23472
- http://www.securityfocus.com/bid/16845
- http://www.vupen.com/english/advisories/2006/0727
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24919
Products affected by CVE-2006-0924
-
cpe:2.3:a:brown_bear_software:ical:3.10